sam local start-api cannot parse lambda authorizer correctly

[gnowobu]

Description:

Got this error when trying to test my lambda authorizer locally with sam build and sam local start-api: Unable to parse the Lambda ARN for Authorizer 'LambdaAuthorizer', skipping

here's my cloudformation template:

  lambdaAuthorizer:
    Type: AWS::Serverless::Function
    Properties:
        FunctionName: !Sub LambdaAuthorizer-${StageName}
        CodeUri: lambda_authorizer/
        Handler: src/handlers/authorizer.handler
        Runtime: nodejs20.x
        Timeout: 900
        MemorySize: 512
        Role: !GetAtt MyLambdaExecutionRole.Arn
        Environment:
          Variables:
            COGNITO_USERPOOL_ID: "..."
            COGNITO_CLIENT_ID: "..."

  MyApi:
    Type: AWS::Serverless::Api
    Properties:
      #      StageName: dev
      StageName: !Sub MyApi-${StageName}
      Auth:
        DefaultAuthorizer: CognitoAuthorizer
        AddDefaultAuthorizerToCorsPreflight: False
        Authorizers:
          LambdaAuthorizer: 
            FunctionArn: !GetAtt lambdaAuthorizer.Arn
          CognitoAuthorizer:
            UserPoolArn: arn:aws:cognito-idp:us-east-1:$account_id:userpool/...

Steps to reproduce:

Observed result:

The authorizer lambda function's arn cannot be parsed, but i have followed multiple AWS docs and it seems this is the only correct way to do it

Expected result:

I think this is quite a straightforward cloudformation and i don't understand why it cannot parse the arn

Additional environment details (Ex: Windows, Mac, Amazon Linux etc)

1. OS: Mac
2. sam --version: SAM CLI, version 1.124.0
3. AWS region: us-east-1

{
  "version": "1.124.0",
  "system": {
    "python": "3.8.20",
    "os": "macOS-12.7.5-x86_64-i386-64bit"
  },
  "additional_dependencies": {
    "docker_engine": "20.10.16",
    "aws_cdk": "Not available",
    "terraform": "1.9.3"
  },
  "available_beta_feature_env_vars": [
    "SAM_CLI_BETA_FEATURES",
    "SAM_CLI_BETA_BUILD_PERFORMANCE",
    "SAM_CLI_BETA_TERRAFORM_SUPPORT",
    "SAM_CLI_BETA_RUST_CARGO_LAMBDA"
  ]
}

Add --debug flag to command you are running

[sidhujus]

Hi @gnowobu thanks for raising this issue! Could you provide the full sam cli output when running the command with the --debug flag?

I tried with a couple different templates and was unable to reproduce the error.

[gnowobu]

Hi @sidhujus thanks for reaching out. Here's the debug output that i think it's related, please let me know if you need more output from that.

--template_file=/.../.aws-sam/build/template.yaml
--host=127.0.0.1 --port=3000 --static_dir=public                                                  
--layer_cache_basedir=/.../.aws-sam/layers-pkg --container_host=localhost              
--container_host_interface=127.0.0.1                                                              
2024-09-19 14:15:49,849 | local start-api command is called                                       
2024-09-19 14:15:50,383 | Collected default values for parameters: {'StageName': 'Stage'}         
2024-09-19 14:15:50,457 | Sam customer defined id is more priority than other IDs. Customer       
defined id for resource lambdaAuthorizer is lambdaAuthorizer                                      
2024-09-19 14:15:50,458 | There is no customer defined id or cdk path defined for resource MyApi, 
so we will use the resource logical id as the resource id                                         
2024-09-19 14:15:50,459 | There is no customer defined id or cdk path defined for resource        
MyLambdaExecutionRole, so we will use the resource logical id as the resource id                  
2024-09-19 14:15:50,461 | Sam customer defined id is more priority than other IDs. Customer       
defined id for resource dashboardAdmin is dashboardAdmin                                          
2024-09-19 14:15:50,462 | There is no customer defined id or cdk path defined for resource        
TopFansDb, so we will use the resource logical id as the resource id                              
2024-09-19 14:15:50,469 | Unable to resolve property FunctionArn: OrderedDict([('Fn::GetAtt',     
['lambdaAuthorizer', 'Arn'])]). Leaving as is.                                                    
2024-09-19 14:15:50,474 | 0 stacks found in the template                                          
2024-09-19 14:15:50,475 | Collected default values for parameters: {'StageName': 'Stage'}         
2024-09-19 14:15:50,552 | Sam customer defined id is more priority than other IDs. Customer       
defined id for resource lambdaAuthorizer is lambdaAuthorizer                                      
2024-09-19 14:15:50,553 | There is no customer defined id or cdk path defined for resource MyApi, 
so we will use the resource logical id as the resource id                                         
2024-09-19 14:15:50,554 | There is no customer defined id or cdk path defined for resource        
MyLambdaExecutionRole, so we will use the resource logical id as the resource id                  
2024-09-19 14:15:50,556 | Sam customer defined id is more priority than other IDs. Customer       
defined id for resource dashboardAdmin is dashboardAdmin                                          
2024-09-19 14:15:50,557 | There is no customer defined id or cdk path defined for resource        
TopFansDb, so we will use the resource logical id as the resource id                              
2024-09-19 14:15:50,566 | Unable to resolve property FunctionArn: OrderedDict([('Fn::GetAtt',     
['lambdaAuthorizer', 'Arn'])]). Leaving as is.                                                    
2024-09-19 14:15:50,572 | 5 resources found in the stack                                          
2024-09-19 14:15:50,573 | Found Serverless function with name='lambdaAuthorizer' and              
CodeUri='lambdaAuthorizer'                                                                        
2024-09-19 14:15:50,574 | --base-dir is not presented, adjusting uri lambdaAuthorizer relative to 
/.../.aws-sam/build/template.yaml                
2024-09-19 14:15:50,575 | Found Serverless function with name='dashboardAdmin' and                
CodeUri='dashboardAdmin'                                                                          
2024-09-19 14:15:50,582 | --base-dir is not presented, adjusting uri dashboardAdmin relative to   
/.../.aws-sam/build/template.yaml                
2024-09-19 14:15:51,012 | Found '0' API Events in Serverless function with name 'lambdaAuthorizer'
2024-09-19 14:15:51,015 | CORS Property MaxAge was not fully resolved. Will proceed as if the     
Property was not defined.                                                                         
2024-09-19 14:15:51,018 | Detected Inline Swagger definition                                      
2024-09-19 14:15:51,019 | Parsing Swagger document using 2.0 specification                        
2024-09-19 14:15:51,021 | Found '0' authorizers in resource 'MyApi'                               

2024-09-19 14:15:51,070 | Found '0' APIs in resource 'MyApi'                                      
2024-09-19 14:15:51,073 | This Integration URI format is not supported:                           
OrderedDict([('Fn::GetAtt', ['lambdaAuthorizer', 'Arn'])])                                        
2024-09-19 14:15:51,075 | Extracted Function ARN: None                                            
2024-09-19 14:15:51,076 | Unable to parse the Lambda ARN for Authorizer 'LambdaAuthorizer',       
skipping                                                                                          
2024-09-19 14:15:51,077 | Authorizer 'CognitoAuthorizer' is currently unsupported (must be a      
Lambda Authorizer), skipping                                                                      
2024-09-19 14:15:51,079 | Found '20' API Events in Serverless function with name 'dashboardAdmin' 
2024-09-19 14:15:51,082 | Removed duplicates from '20' Explicit APIs and '0' Implicit APIs to     
produce '20' APIs